Overview

overview

10

Static

static

10

10f703168c...d0.exe

windows7-x64

6

10f703168c...d0.exe

windows10-2004-x64

6

2c21fa0fe0...37.exe

windows7-x64

1

2c21fa0fe0...37.exe

windows10-2004-x64

4

4f6f22b1e2...37.exe

windows7-x64

7

4f6f22b1e2...37.exe

windows10-2004-x64

7

9f2d8507d2...52.dll

windows7-x64

1

9f2d8507d2...52.dll

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    samples.zip

  • Size

    538KB

  • Sample

    230609-3f1cwaee21

  • MD5

    add78bdf3aaf3dbf33f608c5b895370a

  • SHA1

    7a3b6c2e42e762d940301b677b79460d57c6226e

  • SHA256

    63678e5b056502414873fda9239cc3a24b3156e49368c4353a23324048ee1fbf

  • SHA512

    a71b41e924fb7a98991810f5d0c325372cdeeb7c23f5cde45b73f6b5a1648c89b703acd8d0f82b0da3f40cf60b521dda9be8e9e7a192e593093d0bc6506668b5

  • SSDEEP

    12288:2y2CDSdxEepuwYQ9cfa4dyny6GekGlwVGyiL+lUanK2gmW9RD7ZPY:2/CDuavwYy6a4oJGekGlwV7UCPgm6RvC

Score
10/10
collectionspywarestealer

Malware Config

Targets

    • Target

      10f703168cc43f60bfd54c69242d3db63d2d60e1114de74956a2439b8a8b3ed0

    • Size

      96KB

    • MD5

      3f5aca02abb16dbf86748596e4fa0258

    • SHA1

      1588bfd4e090d3d194879899c02dcc207d5ca257

    • SHA256

      10f703168cc43f60bfd54c69242d3db63d2d60e1114de74956a2439b8a8b3ed0

    • SHA512

      bb96706ec69bee65e94fd5cc5a112e3e50f12d6895444144f7c5190e298960b02a2c922ac249deb2e3fd5f3d23e52b95058cf6262e5599823b576f849fe4b420

    • SSDEEP

      1536:DuwENQVMcBpl3Cvt/4fJxCSe2RvK3m5fVqhJOewnMoTqqVn9w2KQgO:qwE+VMCyF/4fxJY3GoJlwnx9w2KQgO

    Score
    6/10
    collection
    behavioral1behavioral2

    • Target

      2c21fa0fe0c3ad261925eb51f822d48fb107287bf3819cd0dc22a118394d1037

    • Size

      520KB

    • MD5

      d97db65ecab73ea41b8c4662e0ca1db5

    • SHA1

      158d50341f38f236573c67ad757d6b323de4a8eb

    • SHA256

      2c21fa0fe0c3ad261925eb51f822d48fb107287bf3819cd0dc22a118394d1037

    • SHA512

      82f5c361caf085e4698c7b6448cf4a9d23cbfe8bca8d0b0f599e1225b3f0b2cc7f0d4d4592550c0da204098aef170ea0996db91325c18665f7bb2dd25a022060

    • SSDEEP

      12288:uqd700hXiHYaUyqYCeLNk1EpJTeTmAE9:d70QXi4gLYEpJSTF

    Score
    4/10
    behavioral3behavioral4

    • Target

      4f6f22b1e21fcb1b48bb34c2f430246d873c7f211a03f3e83d24a560d0ff1a37

    • Size

      337KB

    • MD5

      0f9bdd25ddc56c88d02fd317d2bbfd61

    • SHA1

      63128255a92b7b86e57c7d20deae7754dc28e50c

    • SHA256

      4f6f22b1e21fcb1b48bb34c2f430246d873c7f211a03f3e83d24a560d0ff1a37

    • SHA512

      6b4874ff5939e29dff0c0f3891d2b2210b52a2104fdd1cd6ea1e44c44d34b7dc8c3530e3990c9192e07478130351ada2e0e0382b1eeaf8e40e56d7b889695c7d

    • SSDEEP

      6144:KbS/QTjhUqBfxrwEnuNcSsm7IoYGW0VvBXCAt6kihk:KQtqB5urTIoYWBQkL

    Score
    7/10
    spywarestealer

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer
    behavioral5behavioral6

    • Target

      9f2d8507d23e9dfea8317f366ae968063e332c93635d1f6d1c75a6d7e5552f52

    • Size

      6KB

    • MD5

      50ee178f951ab99681606ddc324f447e

    • SHA1

      9134d7233daffdf68a0e148c50208027f7537b0d

    • SHA256

      9f2d8507d23e9dfea8317f366ae968063e332c93635d1f6d1c75a6d7e5552f52

    • SHA512

      38de0fa5457d04d12a1fa5959b2bf441b9b875e1758a704129b5fdc91c86692aebb8b03b800d770c316775ceffe7a8e6268806abe0971901b02e7ee4df1e6131

    • SSDEEP

      96:1duHetSF6eokSwcCqFpCptQRR/utwg/0UDi5qRy:iHkSseokxpqFpbRR/u7/0UF

    Score
    1/10
    behavioral7behavioral8

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

1
T1081

Discovery

Query Registry

2
T1012

System Information Discovery

2
T1082

Lateral Movement

Collection

Email Collection

1
T1114

Data from Local System

1
T1005

Exfiltration

Command and Control

Impact

Tasks